SpringbootCMS 1.0 foreground message can be embedded malicious code saved in the database. When users browse the comments, these malicious codes embedded in the HTML will be executed, and the user's browser will be controlled by the attacker, so as to achieve the special purpose of the attacker, such as cookie theft
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://github.com/etn0tw/cmscve_test/blob/main/README.md |
History
Tue, 24 Sep 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2023-09-27T00:00:00
Updated: 2024-09-24T13:15:27.811Z
Reserved: 2023-09-18T00:00:00
Link: CVE-2023-43191
Vulnrichment
Updated: 2024-08-02T19:37:23.375Z
NVD
Status : Analyzed
Published: 2023-09-27T23:15:11.960
Modified: 2023-10-26T20:10:03.743
Link: CVE-2023-43191
Redhat
No data.